Description:
--safe-user-create option not working
Hi Team,
Added safe-user-create flag in my.conf file.
[mysqld]
safe-user-create=ON
Once MySQL started I queried the safe-user-create' variable and returned an empty set.
mysql> SHOW VARIABLES LIKE 'safe-user-create';
Empty set (0.00 sec)
Created a test1 user using the command's
---------------------------------------------
CREATE USER 'test1'@'localhost' IDENTIFIED BY 'test';
GRANT CREATE USER ON *.* TO 'test1'@'localhost';
mysql> SHOW GRANTS FOR 'test1'@'localhost';
+-------------------------------------------------+
| Grants for test1@localhost |
+-------------------------------------------------+
| GRANT CREATE USER ON *.* TO 'test1'@'localhost' |
+-------------------------------------------------+
1 row in set (0.00 sec)
Logged in using test1 user and able to create a user without INSERT(user) privileges
----------------------------------------------------------------------------------------
[root@localhost bin]# ./mysql -utest1 -ptest
mysql: [Warning] Using a password on the command line interface can be insecure.
Welcome to the MySQL monitor. Commands end with ; or \g.
Your MySQL connection id is 55
Server version: 5.7.36-enterprise-commercial-advanced-log MySQL Enterprise Server - Advanced Edition (Commercial)
Copyright (c) 2000, 2021, Oracle and/or its affiliates.
Oracle is a registered trademark of Oracle Corporation and/or its
affiliates. Other names may be trademarks of their respective
owners.
Type 'help;' or '\h' for help. Type '\c' to clear the current input statement.
mysql> CREATE USER 'test10'@'localhost';
Query OK, 0 rows affected (0.01 sec)
There is not much info found on the web/documentation for safe-user-create.
Can someone share more info related to safe-user-create option about usage/validation?
Thanks,
Ramesh
How to repeat:
Created a test1 user using the command's
---------------------------------------------
CREATE USER 'test1'@'localhost' IDENTIFIED BY 'test';
GRANT CREATE USER ON *.* TO 'test1'@'localhost';
Logged in using test1 user and able to create a user without INSERT(user) privileges
----------------------------------------------------------------------------------------
[root@localhost bin]# ./mysql -utest1 -ptest
mysql> CREATE USER 'test10'@'localhost';